ELSA-2022-9669

ULN >
Oracle Linux Errata repository >
ELSA-2022-9669

ELSA-2022-9669 - qemu security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2022-08-01

Description

[15:4.2.1-18.el7]
- block: introduce max_hw_iov for use in scsi-generic (Paolo Bonzini) [Orabug: 33785156]
- file-posix: try BLKSECTGET on block devices too, do not round to power of 2 (Paolo Bonzini) [Orabug: 33785156]
- block: add max_hw_transfer to BlockLimits (Paolo Bonzini) [Orabug: 33785156]
- block-backend: align max_transfer to request alignment (Paolo Bonzini) [Orabug: 33785156]
- osdep: provide ROUND_DOWN macro (Paolo Bonzini) [Orabug: 33785156]
- scsi-generic: pass max_segments via max_iov field in BlockLimits (Paolo Bonzini) [Orabug: 33785156]
- file-posix: fix max_iov for /dev/sg devices (Paolo Bonzini) [Orabug: 33785156]
- display/qxl-render: fix race condition in qxl_cursor (CVE-2021-4207) (Mauro Matteo Cascella) [Orabug: 34049511] {CVE-2021-4207}
- ui/cursor: fix integer overflow in cursor_alloc (CVE-2021-4206) (Mauro Matteo Cascella) [Orabug: 34049509] {CVE-2021-4206}
- hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) (Philippe Mathieu-Daude) [Orabug: 32860387] {CVE-2021-3507}
- pc: q35: Bump max_cpus to 512 (Suravee Suthikulpanit) [Orabug: 34314249]
- tests/qtest: fix pvpanic-pci-test (Mark Kanda) [Orabug: 34284763]
- libqos: pci-pc: use 32-bit write for EJ register (Paolo Bonzini) [Orabug: 34284758]
- libqos: usb-hcd-ehci: use 32-bit write for config register (Paolo Bonzini) [Orabug: 34284768]
- target/i386/kvm: Fix disabling MPX on '-cpu host' with MPX-capable host (Maciej S. Szmigiero) [Orabug: 33528615]
- i386: Mask SVM features if nested SVM is disabled (Eduardo Habkost) [Orabug: 33860224]
- ide: Cap LBA28 capacity announcement to 2^28-1 (Samuel Thibault) [Orabug: 25327652]
- tests/acpi: update expected arm/virt tables (Mark Kanda) [Orabug: 34132842]

Related CVEs

CVE-2021-3507

CVE-2021-4206

CVE-2021-4207

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (aarch64)	qemu-4.2.1-18.el7.src.rpm	dd0869c29e7302304e88704588bac7cf	-
	ivshmem-tools-4.2.1-18.el7.aarch64.rpm	6da0d1e90c50fe272c7db58a13d4a249	-
	qemu-4.2.1-18.el7.aarch64.rpm	254e9724d97582f209d2ddb8f8f60523	-
	qemu-block-gluster-4.2.1-18.el7.aarch64.rpm	fab2110c1cc9ee492d98130daf11636d	-
	qemu-block-iscsi-4.2.1-18.el7.aarch64.rpm	9efb2d7c59c9b056b644545b0ab5cebf	-
	qemu-block-rbd-4.2.1-18.el7.aarch64.rpm	17c1fa268f03844f14feb7403eec9e6e	-
	qemu-common-4.2.1-18.el7.aarch64.rpm	1590d8b25c58a6fd271a992283e2f3cf	-
	qemu-img-4.2.1-18.el7.aarch64.rpm	89817bc381d17f107df0a2ec14f57a27	-
	qemu-kvm-4.2.1-18.el7.aarch64.rpm	66533d4651a14714c68ab5dc86220c5a	-
	qemu-kvm-core-4.2.1-18.el7.aarch64.rpm	1d00c463153f0b71d9803a1a838f0cf5	-
	qemu-system-aarch64-4.2.1-18.el7.aarch64.rpm	4d8398515b372dd2c5e6fa6ef83dfd56	-
	qemu-system-aarch64-core-4.2.1-18.el7.aarch64.rpm	08c22561f1ddf5928bb3b80556f6bb9d	-

Oracle Linux 7 (x86_64)	qemu-4.2.1-18.el7.src.rpm	dd0869c29e7302304e88704588bac7cf	-
	qemu-4.2.1-18.el7.x86_64.rpm	5ea8f27dec3bef2a9ccb393a4bb63158	-
	qemu-block-gluster-4.2.1-18.el7.x86_64.rpm	1679c3e72f18a3f76ab5edad3e229c13	-
	qemu-block-iscsi-4.2.1-18.el7.x86_64.rpm	ca6c0f2c4033ccf056944cba51f4a527	-
	qemu-block-rbd-4.2.1-18.el7.x86_64.rpm	337781ad6d4be993514e06b933ba14fb	-
	qemu-common-4.2.1-18.el7.x86_64.rpm	9ee9247c7fad947b3be581996bbeb41e	-
	qemu-img-4.2.1-18.el7.x86_64.rpm	7626f96dae77c185f0b1a784365a82a1	-
	qemu-kvm-4.2.1-18.el7.x86_64.rpm	6b3972faa8bc3614073229e86847b2f3	-
	qemu-kvm-core-4.2.1-18.el7.x86_64.rpm	66ea9ad09e01a75e1d97c47fc5f2d917	-
	qemu-system-x86-4.2.1-18.el7.x86_64.rpm	022761b9fa7ab92503048e197bc5b35b	-
	qemu-system-x86-core-4.2.1-18.el7.x86_64.rpm	d7ef8dbe3a0f4c2b61ee6cd8d3a6c895	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691